Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/df93f29a-3b81-476a-8435-a32bae736189.roa
File: df93f29a-3b81-476a-8435-a32bae736189.roa (raw, json)
Hash identifier: hEmeG6xVn7F2fgKDp3MmlyZ2rpZFWkqAADF8sN4kRPU=
Subject key identifier: 93:B9:BD:D2:C4:67:A6:42:3D:3E:4D:C6:4E:73:EE:19:EE:16:5E:F1
Certificate issuer: /CN=A91F635F0000/serialNumber=4076825524D2C66D2E10436FE65E93E8C1BD4A37
Certificate serial: 3F9023E7011780B8C2950849A758A42C986060D8
Authority key identifier: 40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/df93f29a-3b81-476a-8435-a32bae736189.roa
Signing time: Mon 16 Dec 2024 00:00:00 +0000
ROA not before: Mon 16 Dec 2024 00:00:00 +0000
ROA not after: Mon 20 Jan 2025 23:59:59 +0000
asID: 8987
IP address blocks: 43.249.44.0/22 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
3f:90:23:e7:01:17:80:b8:c2:95:08:49:a7:58:a4:2c:98:60:60:d8
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A91F635F0000, serialNumber=4076825524D2C66D2E10436FE65E93E8C1BD4A37
Validity
Not Before: Dec 16 00:00:00 2024 GMT
Not After : Jan 20 23:59:59 2025 GMT
Subject: serialNumber=cda58065fe0f2e8a4679e7b3c089917a784b0e75df323a67dddc1ffa32a4847c, CN=c0bf0fe8-717c-4f72-9b45-c9c519132a81
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b0:f0:81:96:dc:6a:ad:16:45:25:ed:49:e9:e0:
26:fc:df:90:4b:d1:e1:a1:92:b3:58:f8:14:3d:49:
8b:35:97:2a:65:77:6c:4e:df:27:13:e4:95:1e:c5:
5c:91:b8:5e:30:82:ef:18:bc:fa:9b:ba:d6:2a:ce:
2c:47:f0:17:92:4e:b2:48:70:d0:3d:3c:d9:bc:66:
3b:dd:30:8c:ed:a1:1f:c8:5a:ec:86:cd:03:b5:6f:
98:22:96:2d:5e:8a:23:8b:e8:76:bf:ff:52:fb:d1:
57:21:3e:8b:8b:fc:c5:aa:76:bc:2f:f3:6b:ff:29:
51:57:80:ac:26:dc:3d:c6:df:e8:14:c2:8e:11:7f:
c5:b0:0b:5d:aa:ec:80:38:50:f4:6d:70:2a:2a:81:
65:b7:07:90:a1:db:1e:3f:0a:b8:b0:35:b1:6c:b8:
40:ff:21:be:f1:1a:ec:26:72:de:88:6a:0c:f3:13:
20:f9:15:33:77:7e:e0:c4:d0:69:ed:f3:04:05:05:
c5:a5:4a:e7:b7:86:bc:ed:34:60:86:21:77:83:70:
33:d6:ea:8c:af:50:6d:d8:4c:ec:4e:5f:7b:8f:4e:
5c:d1:a5:62:73:f5:7e:33:63:ce:5c:94:aa:66:63:
bc:42:61:86:20:03:aa:de:00:78:b5:0a:22:64:bc:
de:bf
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
93:B9:BD:D2:C4:67:A6:42:3D:3E:4D:C6:4E:73:EE:19:EE:16:5E:F1
X509v3 Authority Key Identifier:
keyid:40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/df93f29a-3b81-476a-8435-a32bae736189.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/7ba17863-a613-4197-9ed5-beda6a89869f.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
43.249.44.0/22
Signature Algorithm: sha256WithRSAEncryption
31:24:a1:f8:95:b1:b8:59:68:83:cc:f7:18:f0:83:9c:fa:d6:
f0:8f:6c:bf:3f:9c:6a:92:f9:13:3d:09:0f:80:5e:1e:0d:04:
26:df:39:02:dd:31:88:1f:2e:1f:ad:37:b8:ce:26:ae:fa:6d:
b2:8e:b0:09:6a:9c:39:8c:09:7a:05:e7:55:ea:48:f8:e5:8f:
61:60:02:29:da:53:53:c1:83:4d:96:7f:84:8a:c0:d6:c8:e1:
04:75:ea:61:c5:db:7b:68:c6:f6:1f:14:43:9d:b7:d8:96:ac:
c8:ff:f2:39:eb:bb:40:19:c1:8c:a5:2f:d8:67:51:06:ed:23:
c4:0e:bf:a1:97:2c:39:d3:d2:c4:7d:86:4f:94:6c:d6:b3:17:
6a:53:d4:e4:91:c9:df:44:08:85:8b:3b:bb:41:32:a2:62:6e:
ca:39:cb:95:fe:35:b5:07:7d:de:9a:43:c8:64:94:5b:7d:0a:
02:9c:8a:b6:13:68:79:f4:93:77:fd:96:2e:73:74:ce:a9:7b:
45:cb:f0:97:d8:d2:e2:2e:e2:d3:85:49:55:e5:d7:71:61:e5:
36:8e:6b:cc:59:8f:2a:4e:3a:30:5a:3e:5b:14:d9:ee:5f:e5:
de:67:13:01:24:a1:1e:fd:6e:ea:67:dd:84:41:56:54:0d:a1:
7d:e7:0e:94
-----BEGIN CERTIFICATE-----
MIIFnDCCBISgAwIBAgIUP5Aj5wEXgLjClQhJp1ikLJhgYNgwDQYJKoZIhvcNAQEL
BQAwSjEVMBMGA1UEAxMMQTkxRjYzNUYwMDAwMTEwLwYDVQQFEyg0MDc2ODI1NTI0
RDJDNjZEMkUxMDQzNkZFNjVFOTNFOEMxQkQ0QTM3MB4XDTI0MTIxNjAwMDAwMFoX
DTI1MDEyMDIzNTk1OVowejFJMEcGA1UEBRNAY2RhNTgwNjVmZTBmMmU4YTQ2Nzll
N2IzYzA4OTkxN2E3ODRiMGU3NWRmMzIzYTY3ZGRkYzFmZmEzMmE0ODQ3YzEtMCsG
A1UEAxMkYzBiZjBmZTgtNzE3Yy00ZjcyLTliNDUtYzljNTE5MTMyYTgxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAsPCBltxqrRZFJe1J6eAm/N+QS9Hh
oZKzWPgUPUmLNZcqZXdsTt8nE+SVHsVckbheMILvGLz6m7rWKs4sR/AXkk6ySHDQ
PTzZvGY73TCM7aEfyFrshs0DtW+YIpYtXooji+h2v/9S+9FXIT6Li/zFqna8L/Nr
/ylRV4CsJtw9xt/oFMKOEX/FsAtdquyAOFD0bXAqKoFltweQodsePwq4sDWxbLhA
/yG+8RrsJnLeiGoM8xMg+RUzd37gxNBp7fMEBQXFpUrnt4a87TRghiF3g3Az1uqM
r1Bt2EzsTl97j05c0aVic/V+M2POXJSqZmO8QmGGIAOq3gB4tQoiZLzevwIDAQAB
o4ICSDCCAkQwHQYDVR0OBBYEFJO5vdLEZ6ZCPT5Nxk5z7hnuFl7xMB8GA1UdIwQY
MBaAFEB2glUk0sZtLhBDb+Zek+jBvUo3MA4GA1UdDwEB/wQEAwIHgDB+BggrBgEF
BQcBAQRyMHAwbgYIKwYBBQUHMAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVw
b3NpdG9yeS9CNTI3RUY1ODFENjYxMUUyQkI0NjhGN0M3MkZEMUZGMi9RSGFDVlNU
U3htMHVFRU52NWw2VDZNRzlTamMuY2VyMIGeBggrBgEFBQcBCwSBkTCBjjCBiwYI
KwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9uYXdz
LmNvbS92b2x1bWUvMDhjMmYyNjQtMjNmOS00OWZiLTlkNDMtZjhiNTBiZWM5MjYx
L2RmOTNmMjlhLTNiODEtNDc2YS04NDM1LWEzMmJhZTczNjE4OS5yb2EwgZUGA1Ud
HwSBjTCBijCBh6CBhKCBgYZ/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5h
bWF6b25hd3MuY29tL3ZvbHVtZS8wOGMyZjI2NC0yM2Y5LTQ5ZmItOWQ0My1mOGI1
MGJlYzkyNjEvN2JhMTc4NjMtYTYxMy00MTk3LTllZDUtYmVkYTZhODk4NjlmLmNy
bDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAM
BAIAATAGAwQCK/ksMA0GCSqGSIb3DQEBCwUAA4IBAQAxJKH4lbG4WWiDzPcY8IOc
+tbwj2y/P5xqkvkTPQkPgF4eDQQm3zkC3TGIHy4frTe4ziau+m2yjrAJapw5jAl6
BedV6kj45Y9hYAIp2lNTwYNNln+EisDWyOEEdephxdt7aMb2HxRDnbfYlqzI//I5
67tAGcGMpS/YZ1EG7SPEDr+hlyw509LEfYZPlGzWsxdqU9TkkcnfRAiFizu7QTKi
Ym7KOcuV/jW1B33emkPIZJRbfQoCnIq2E2h59JN3/ZYuc3TOqXtFy/CX2NLiLuLT
hUlV5ddxYeU2jmvMWY8qTjowWj5bFNnuX+XeZxMBJKEe/W7qZ92EQVZUDaF95w6U
-----END CERTIFICATE-----
Generated at Sat Apr 26 07:31:56 2025 by rpki-client